Month: November 2017

Smithsonian Magazine’s Interview With Jony Ive smithsonianmag.com

Rick Tetzeli, co-author of “Becoming Steve Jobs”, got a tour of Apple Park for Smithsonian Magazine and sat down with Jony Ive for a short interview:

It’s a truism in tech design that it takes a great deal of work to make something easy to use, and no company has proven the principle more spectacularly than Apple. It came straight from Jobs, who pushed his engineers and designers to remember that it wasn’t the device that customers wanted — it was the experience, the information, the services, the apps, the ability to edit spreadsheets and documents, to watch video, send email and texts, play games, take photographs — the countless things we do today (effortlessly, for the most part). You can debate the consequences of this new power at our fingertips, but there’s no denying it’s a revolution in the daily lives of rich and poor alike, and that Apple has set the pace, led by Ive’s answers to Jobs’ questions. Jobs loved the iPad, which he called an “intimate device” because it was immersive, like a good book — a window into whatever worlds you chose to explore. “In so many ways,” Ive says, “we’re trying to get the object out of the way.”

Last night, I watched “App: The Human Story” and I was struck by Matías Duarte’s explanation that apps are generally single-purpose widgets on a very general-purpose device. I think Apple’s latest generation of devices is the purest expression of that idea. Everything they’ve been doing — from near-seamless enclosures and Face ID, down to the coatings on the display becoming increasingly closer to black, so when the display is off, it vanishes into the glass — gets closer to this idea. Even the software of the iPhone X comes closer to that: you can fling your apps around or send them back to the home screen, and it feels like you’re directly manipulating everything the system does. Similar interactions on the iPad help turn that into a totally immersive experience; one of my biggest gripes with previous generations of iOS is the number of times it still felt necessary to use the home button, but that’s almost completely changed with iOS 11. It really is remarkable how much I can do with a device that often feels like it isn’t even there.

British Group Files Class Action Suit Against Google for 2012 Safari Targeting Workaround theguardian.com

Graham Ruddick, the Guardian:

More than 5 million people in the UK could be entitled to compensation from Google if a class action against the internet giant for allegedly harvesting personal data is successful.

A group led by the former executive director of consumer body Which?, Richard Lloyd, and advised by City law firm Mischon de Reya claims Google unlawfully collected personal information by bypassing the default privacy settings on the iPhone between June 2011 and February 2012.

They have launched a legal action with the aim of securing compensation for those affected. The group, called Google You Owe Us, says that approximately 5.4 million people in Britain used the iPhone during this period and could be entitled to compensation.

Google is accused of breaching principles in the UK’s data protection laws in a “violation of trust” against iPhone users.

The technique used by Google and other ad companies to bypassing Safari’s cookie settings was originally described publicly in a 2012 Wall Street Journal article by Julia Angwin and Jennifer Valentino-DeVries:

To get around Safari’s default blocking, Google exploited a loophole in the browser’s privacy settings. While Safari does block most tracking, it makes an exception for websites with which a person interacts in some way—for instance, by filling out a form. So Google added coding to some of its ads that made Safari think that a person was submitting an invisible form to Google. Safari would then let Google install a cookie on the phone or computer.

It is striking to me how malicious this kind of action is. It isn’t Google’s right to determine when it feels like it can circumvent users’ preferences to install cookies or anything on their computers. You may argue that these are not users’ preferences — that Safari’s defaults are Apple’s preferences. But I think that’s a dangerous stance because there’s no way to determine when a preference has been deliberately chosen by the user.

I know I’ve been harping on bugs in Apple’s software for the last little while, but deliberate actions like Google’s bother me far more. The Safari workaround is something that an engineer had to actually build. Someone had to understand that Safari’s default cookie settings were incompatible with tracking, but instead of choosing not to track users, they thought it was their right to override those preferences. Egregious.

Facial Recognition Mania Mania pcmag.com

John C. Dvorak of PC Magazine wrote a piece tying the introduction of Face ID on the iPhone X to the Australian government’s plans to introduce a facial recognition system to identify suspects of crime. I know very little about that plan — though I’m eager to learn more — but I do know enough about the iPhone X to take issue with this bit of his piece:

We can assume the NSA, which spies on its own citizenry, will store massive amounts of imagery in its huge facility in Utah. From that, an instant dossier of someone’s whereabouts can be produced as needed.

Until then, we have Apple’s iPhone X, which swaps Touch ID for Face ID. The real beneficiaries of this technique will be the police; they can just point it at the person and they are in.

The user must be paying attention to the device and within a certain range for Face ID to make a successful scan. And, for what it’s worth, pressing and holding the power button and either volume button for two seconds will disable Face ID until a passcode is entered.

Also, implicitly tying Face ID to assumed NSA activities is misleading and irresponsible.

Apple previously relied on fingerprints with Touch ID; now the home button is gone, perhaps saving it money. Facial recognition is just software, after all; the camera is already in the phone.

Dvorak continues to demonstrate why he is one of the most inept technology columnists writing today in a mainstream publication. Apple has helpfully provided an easy-to-read white paper (PDF) explaining how Face ID works. It’s six pages long, but if that’s too much reading for Dvorak, Apple also put a labelled diagram on the iPhone X’s marketing webpage. In short, it doesn’t use the front-facing camera that’s “already in the phone” — it uses an infrared light, infrared dot projector, and an infrared camera to create a depth map of the detected face.

I don’t have a problem with people whose opinion differs from my own. I don’t have a problem with people who write articles that I firmly disagree with. I do have a problem with laziness and making stuff up.

Apple Issues Statement and Fix for High Sierra Root User Authentication Bug techcrunch.com

Apple’s statement, via Romain Dillet of TechCrunch:

Security is a top priority for every Apple product, and regrettably we stumbled with this release of macOS.

When our security engineers became aware of the issue Tuesday afternoon, we immediately began working on an update that closes the security hole. This morning, as of 8:00 a.m., the update is available for download, and starting later today it will be automatically installed on all systems running the latest version (10.13.1) of macOS High Sierra.

We greatly regret this error and we apologize to all Mac users, both for releasing with this vulnerability and for the concern it has caused. Our customers deserve better. We are auditing our development processes to help prevent this from happening again.

A fast bug fix, an apology, and a commitment to fixing whatever led to a bug like this shipping. That’s the good news.

Unfortunately, some users on the MacRumors forums are reporting that the security patch also breaks file sharing. It would be foolish to recommend users wait to apply this patch — and impossible, because it gets installed automatically — but you should be aware of this bug if that’s something you depend on.

Ben Thompson Is Wrong About the Deregulation of ISPs

Ben Thompson writes a reasonable-sounding yet largely wrong defence of the proposal to reclassify ISPs under Title I instead of Title II, beginning with a smart debunking of that Portuguese cellular pricing infographic you’ve probably seen:

So to recount: one Portugal story is made up, and the other declared that a 10GB family plan with an extra 10GB for a collection of apps of your choosing for €25/month ($30/month) is a future to be feared; given that AT&T charges $65 for a single “Unlimited” plan that downscales video, bans tethering, and slows speeds after 22GB, one wonders if most Americans share that fear.

It’s a sillier infographic than you might realize — contrary to what Congressman Khanna wrote, the E.U., of which Portugal is a part, actually has net neutrality laws, albeit ones that permit some zero-rating; I’ll get to zero-rating a little later. But the prior excerpt and its succeeding paragraph form the thesis for Thompson’s argument:

That, though, is the magic of the term “net neutrality”, the name — coined by the same Tim Wu whose tweet I embedded above — for those FCC rules that justified the original 2015 reclassification of ISPs to utility-like common carriers. Of course ISPs should be neutral — again, who could be against such a thing? What is missing in the ongoing debate, though, is the recognition that, ever since the demise of AOL, they have been. The FCC’s 2015 approach to net neutrality is solving problems as fake as the image in Wu’s tweet; unfortunately the costs are just as real as those in Congressman Khanna’s tweet, but massively more expensive.

Thompson follows this by acknowledging several instances when ISPs were not treating data neutrally, but concludes that contemporary regulatory action or public pressure illustrate a lack of need for Title II classification. I find this reasoning to be ill-considered at best. First, the Madison River incident:

The most famous example of an ISP acting badly was a company called Madison River Communication which, in 2005, blocked ports used for Voice over Internet Protocol (VoIP) services, presumably to prop up their own alternative; it remains the canonical violation of net neutrality. It was also a short-lived one: Vonage quickly complained to the FCC, which quickly obtained a consent decree that included a nominal fine and guarantee from Madison River Communications that they would not block such services again.

It’s worth recognizing that the consent decree references Title II guidelines. Thompson cites two more cases of net neutrality violations — Comcast blocking the BitTorrent protocol under the guise of it being network management policy, and MetroPCS offering zero-rated YouTube, which I’ll get to later — but, strangely, doesn’t mention AT&T’s blocking of FaceTime on certain cellular plans. No other video chatting apps were prohibited, raising the question of why AT&T decided to target FaceTime users.

Recently, Verizon began throttling video streaming on their cellular network, too, with the exception of its NFL app which, by the way, is also exempt from data caps. The FCC under Tom Wheeler said that AT&T was violating net neutrality rules when they exempted their own DirecTV service from users’ data caps, too, giving it an unfair advantage over other streaming video services. Comcast hilariously argued that their broadband-powered service for streaming video to laptops was exempt from the anticompetitive agreement they signed when they acquired NBCUniversal.

That makes this claim, in Thompson’s recap, obviously incorrect:

There is no evidence of systemic abuse by ISPs governed under Title I, which means there are no immediate benefits to regulation, only theoretical ones

There is clearly plenty of evidence that ISPs will not treat data the same if offered the opportunity to do otherwise. And, I stress again, we aren’t simply talking about internet providers here — these are vertically-integrated media conglomerates which absolutely have incentive to treat traffic from friendly entities differently through, for example, zero-rating, as AT&T did with DirecTV, Verizon does with their NFL app, and T-Mobile does for certain services.

Thompson:

Again, zero-rating is not explicitly a net-neutrality issue: T-Mobile treats all data the same, some data just doesn’t cost money.

What? No, really, what? T-Mobile treats all data the same except the data they treat differently might be one of the worst arguments in this whole piece, and there are a few more rotten eggs to get to. If consumers are paying for some data and there’s other data they’re not paying for, they’re naturally going to be biased towards using the data that isn’t going to cost them anything. And that makes this argument complete nonsense as well:

What has happened to the U.S. mobile industry has certainly made me reconsider [the effect on competition by zero-rating]: if competition and the positive outcomes it has for customers is the goal, then it is difficult to view T-Mobile’s approach as anything but a positive.

T-Mobile’s introduction of inexpensive so-called “unlimited” data plans — throttled after a certain amount of data has been used, of course — drove competitors to launch similar plans, that much is true. But zero-rating had very little to do with those consumer-friendly moves. And, as if to conveniently illustrate the relative dearth of competition in the US cellular market, Sprint has a chart on their website showing that single-line unlimited plans cost a similar amount per month from AT&T, T-Mobile, and Verizon; Sprint’s plan is cheaper, but they also have worse performance and coverage.

Thompson next tackles the argument that zero-rating is anti-competitive:

Still, what of those companies that can’t afford to pay for zero rating — the future startups for which net neutrality advocates are willing to risk the costs of heavy-handed regulations? In fact, as I noted in that excerpt, zero rating is arguably a bigger threat to would-be startups than fast lanes, […]

This is probably true, and that’s why it’s so important that these rules are in place.

[…] yet T-Mobile-style zero rating isn’t even covered by those regulations! This is part of the problem of regulating future harm: sometimes that harm isn’t what you expect, and you have regulated and borne the associated costs in vain.

In fact, zero-rating is, in general, covered by the 2015 net neutrality rules. That’s why the FCC sent letters to AT&T and Verizon stating that aspects of those companies’ zero-rating practices discriminated against competitors.

But T-Mobile was careful with their zero-rating practices and made sure that there were competing services offered for free. As an example, they exempt Apple Music and Spotify from data limits. But what if you wanted to listen to a mixtape on DatPiff or an indie artist on Bandcamp? That would count against your data cap, which makes those services less enticing to consumers. It clearly benefits the established players, and reduces the likelihood that a startup can compete.

If anything, I think zero-rating services should actually be banned. It’s worse for consumers in the short term, but from a more expansive viewpoint, it encourages providers to be more honest about what kinds of speeds they can offer with their infrastructure. That might even get them to invest in more robust networks.1

Third, if the furor over net neutrality has demonstrated anything, it is that the media is ready-and-willing to raise a ruckus if ISPs even attempt to do something untoward; relatedly, a common response to the observation that ISPs have not acted badly to-date because they are fearful of regulation is not an argument for regulation — it is an acknowledgment that ISPs can and will self-regulate.

This is completely disproven by countless instances of corporate wrongdoing in modern American history. Banks and hedge funds already have a terrible name for helping cause the 2008 financial crisis, but many of them are still around and more valuable than ever. BP is still one of the world’s biggest oil and gas companies despite causing one of the world’s biggest environmental catastrophes.

Moreover, it isn’t as though ISPs are revered. They regularly rank towards the bottom of consumer happiness surveys. It’s not like their reputation can get much worse. And, with a lack of competition — especially amongst fixed broadband providers — it’s not like Americans have many options to turn to when their ISP suddenly starts behaving badly.

I could nitpick this article all day long, but this is, I think, the part of Thompson’s piece that frustrates me most:

I believe that Ajit Pai is right to return regulation to the same light touch under which the Internet developed and broadband grew for two decades.

This statement here isn’t just wrong — it’s lazily wrong. It is exactly the claim that Ajit Pai makes, and which Rob Pegoraro did a fantastic job debunking in the Washington Post in May:

But Pai’s history is wrong. The government regulated Internet access under Clinton, just as it did in the last two years of Barack Obama’s term, and it did so into George W. Bush’s first term, too. The phone lines and the connections served over them — without which phone subscribers had no Internet connection — did not operate in the supposedly deregulated paradise Pai mourns.

Without government oversight, phone companies could have prevented dial-up Internet service providers from even connecting to customers. In the 1990s, in fact, FCC regulations more intrusive than the Obama administration’s net neutrality rules led to far more competition among early broadband providers than we have today. But Pai’s nostalgia for the ’90s doesn’t extend to reviving rules that mandated competition — instead, he’s moving to scrap regulations the FCC put in place to protect customers from the telecom conglomerates that now dominate the market.

Thompson’s argument is exceptionally flawed, almost to the point of disbelief. But there is one thing he may be right about: it’s fair to argue that Title II may not be the perfect law for ISPs to be governed by. There are reasonable arguments to be made for writing new legislation and passing it through the appropriate channels in Congress.

But I think it’s completely absurd to change their classification without sufficient neutrality-guaranteeing legislation in place. Unfortunately, I wouldn’t trust this Congress to write and pass that law. Therefore, it is reasonable to keep ISPs under Title II until such a bill can be passed. The “wait and see” approach Thompson favours is not fair to consumers who get to play the part of the lab rat against influential lobbyists, large corporations, and a faux-populist legislative body.

See Also: TC Sottek of the Verge, Klint Finley of Wired, Matt Stoller of the Open Markets Institute, Jay Pinho, and Ernesto Falcon of the Electronic Frontier Foundation.

Update: Even if you believe that the American broadband market is sufficiently competitive — it isn’t — that ISPs can be trusted to not discriminate against some forms of traffic once given the freedom to — doubtful — and that existing regulatory structures will allow any problems to be fixed on a case-by-case basis, it still seems far more efficient to prevent it in the first place. There’s an opportunity to treat internet service as a fundamental utility; let’s keep it that way, whether that’s through Title II classification or an equivalent replacement.

  1. In a footnote, Thompson says that he’s previously argued for local loop unbundling to spur competition. I’m not a subscriber so I can’t read his argument, but I say, “why not both?” ↥︎

Desert Bus, Now in VR polygon.com

Owen S. Good, Polygon:

A VR edition of the epochally awful, intentionally mind-numbing minigame from the unreleased Penn & Teller’s Smoke & Mirrors 21 years ago has a listing on Steam. The game supports the HTC Vive and Oculus Rift headsets, plus motion controllers and gamepads (partial support).

From four screenshots shown, it looks like the game has been remastered with new graphics. But the gameplay is still the same: Drive a bus from Tucson, Ariz. to Las Vegas, in real-time (eight hours), fighting its misaligned steering the whole way.

Via Andy Baio who incorrectly calls Desert Bus the “worst game ever made”. Frankly, I hope a version of this comes to the iPhone.

MacOS High Sierra’s Authentication-Free Root Account macrumors.com

Juli Clover, MacRumors:

There appears to be a serious bug in macOS High Sierra that enables the root superuser on a Mac with with a blank password and no security check.

The bug, discovered by developer Lemi Ergin, lets anyone log into an admin account using the username “root” with no password. This works when attempting to access an administrator’s account on an unlocked Mac, and it also provides access at the login screen of a locked Mac.

As with any security issue, it would have been preferable for this to be disclosed to the vendor — in this case, Apple — privately before being publicly exposed. And, still, this is a huge problem for anyone whose recently-updated Mac is occasionally in the vicinity of other people. Apparently, pretty much any authentication dialog is susceptible, including worrying things like Keychain Access or changing a drive’s FileVault state. It appears to be a bug introduced in High Sierra; I failed to reproduce it on a machine running MacOS Sierra.

I don’t want to speculate on whether something like this would be caught in code review or a penetration testing scenario. Apple may do both of those things and it may have simply bypassed loads of people. I also don’t know how much buggier Apple’s operating systems are now compared to, say, ten years ago, if they are truly buggier at all. Maybe we were just more tolerant of bugs before, or perhaps apps crashed more instead of subtly failing while performing critical tasks.

But there has been a clear feeling for a while now that Apple’s software simply doesn’t seem to be as robust as it once was. And perhaps these failures are for good reasons, too. Perhaps parts of MacOS and iOS are being radically rewritten to perform better over the long term, and there are frustrating bugs that result. In a sense, this is preferable to the alternative of continuing to add new features to old functionality — I’d be willing to bet that there’s code in iTunes that hasn’t been changed since the Clinton administration.

Even with all that in mind, it still doesn’t excuse the fact that we have to live and work through these bugs every single day. Maybe a security bug like this “root” one doesn’t really affect you, but there are plenty of others that I’m sure do. I’m not deluded enough to think that complex software can ever be entirely bug-free, but I’d love to see more emphasis put on getting Apple’s updates refined next year, rather than necessarily getting them released by mid-September.1 There’s a lot that High Sierra gets right — the transition to APFS went completely smoothly for me, and the new Metal-powered WindowServer process seems to be far more responsive than previous iterations — but there is also a lot that feels half-baked.

Update: It gets worse — based on reports from security researchers on Twitter, this bug is exploitable remotely over VNC and Apple Remote Desktop. So, not only is this bug bad for any Mac left in a room with other people, it’s also bad for any Mac running High Sierra and connected to the internet with screen sharing or other remote services enabled. It’s worth adding a strong password to the root user account if you haven’t already. Thanks to Adam Selby for sending this my way.

Update: This bug has been known for at least two weeks, according to a post on Apple’s official developer forums.

Update: Apple has rolled out a fix for this bug that you should install immediately. Even if you don’t, it will install itself.

  1. For extra irony, recall that High Sierra was pitched as a refinement of MacOS Sierra. ↥︎

This Week in Apple Input Bugs macrumors.com

Joe Rossignol, MacRumors:

When affected users type the word “it” into a text field, the keyboard first shows “I.T” as a QuickType suggestion. After tapping the space key, the word “it” automatically changes to “I.T” without actually tapping the predictive suggestion.

A growing number of iPhone users have voiced their frustrations about the issue on the MacRumors discussion forums, Twitter, and other discussion platforms on the web since shortly after iOS 11 was released in late September.

MacRumors reader Tim shared a video that appears to indicate the issue can cause the word “is” to be autocorrected to “I.S” as well.

Neither of these bugs — nor, incidentally, the “A [?]” autocorrect from earlier this month — have personally affected me. For what it’s worth, I keep the predictive bar turned off because I find that I get more errors with it switched on.1 I don’t know if that has an effect on whether I see these bugs.

It’s alarming to see a recurring theme of bugs in Apple’s software and hardware input devices. From dust under MacBook Pro keyboards to this autocorrect bug and the other autocorrect bug, it’s a worrying sign. Then there’s the noticeable lag when using a Magic Trackpad 2 in El Capitan or later, and the seemingly-random capitalization of words on iOS.

I don’t know how accurate the broken windows theory is,2 nor how appropriate it would necessarily be to compare it to problems with input devices. But it kind of feels as though the occasional usability irritants — interactivity-blocking animations, occasional layout bugs, and the like — have been ignored as a cost of a rapid development cycle. It seems like the tolerance of these kinds of bugs has built up to the point where input device bugs are now shipping.

I wasn’t messing around when I wrote that input devices should never be buggy. Users already don’t fully trust computers; when their only control interface is disobedient, I bet it reinforces this mistrust — or, at least, increases user frustration.3

Bugs like the word “is” turning into “I.S” are not, in of themselves, all that alarming, but their accumulated effect is deeply irritating. Because parts of iOS’ system are shared with Apple’s three other operating systems — soon to be four, with the release of the HomePod — these bugs can occur in many contexts. And, of course, bugs from Apple are not the only ones users will be confronted with working around daily. I once tried keeping track of all of the bugs I encountered in everything I use, and I stopped after about a hundred individual notations in about three days. Fixing bugs — even little ones — needs to be as high of a priority as new features. I understand that developers often don’t get to make that decision, but someone should.

  1. I doubt that there is any effect on autocorrect behaviour no matter whether predictive is turned on. I find it easier to see when autocorrect is about to insert a word, though, when the old-style balloon appears over whatever I’m typing. ↥︎

  2. I understand that the broken windows theory has had very racist connotations, particularly in Giuliani’s New York, but I can’t think of anything else that communicates a sense of fixing small things prevents bigger problems. My understanding is that the theory itself isn’t racist, but its implementation often has been due to socioeconomic circumstances and aggressive policing. If you have any suggestions on what I can replace this with, I’m all ears. ↥︎

  3. I can’t find many studies specifically about users’ trust in computers and how computer-made errors affect that. I did find a study on children’s use of handwriting recognition software where computer-made errors caused concern for users, and I also found plenty of other user interface studies noting the importance of predictability and consistency. However, I think users’ concerns and frustrations are borne from a sense that they do not trust the computer when it behaves unpredictability. ↥︎

Bang for Your Buck, iPhone X Edition macworld.com

The Macalope responds to Mike Murphy’s piece in Quartz about the cost of enabling faster charging on the iPhone 8 models and iPhone X:

The point is, the iPhone X-spensive (pronounced “tenspensive”) is very expensive and still does not come with literally everything!

As Gizmodo points out in its great investigation into all of the various charging cables and plugs Apple offers, to actually get the quickest charging, you need to buy a 61-Watt adapter plug and a USB-C to Lightning cable.

And, to protect your phone, you have to buy a case! To listen to music wirelessly, you have to buy Bluetooth headphones! To look at it while eating a ham sandwich, you have to buy the ham sandwich! That’s right, a lot of people don’t know this, but there’s no ham sandwich in the box! Outrageous!

A classic Macalope retort to a typical whiny article, right?

Well, not exactly. In this case, I actually think Murphy has a good point: at $25 per USB-C to Lightning cable, Apple has good reason not to include them in the box, but the customer experience would be way better if they did.

Apple doesn’t have to include headphones in every iPhone box, but they do because they know that it’s far better for someone to have the option to listen to music as soon as they set up their device. They don’t have to ship every iPhone with a 50% battery charge, but they do because it’s a better experience when a customer opens the box. “Batteries not included” is a barely-tolerable buying experience for kids’ toys; Apple understands that its smartphone equivalent is unacceptable.

But if a customer has one of Apple’s recent-generation laptops, they also need to buy a cable with their new iPhone. I wouldn’t be surprised if a handful of customers bought their new iPhone and forgot to buy a USB-C cable with it, and had to drive to their nearest Apple Store or electronics retailer to pick one up. That sucks.

Likewise, the fast charging feature in these new iPhones requires additional hardware, which means that it’s something many users will be unlikely to discover on their own. Maybe that doesn’t matter much overall, but it would be fantastic if customers could experience that right out of the box.

The “iPhone X is expensive!” complaints will continue despite the phone selling extremely well. It occurs to the Macalope that in a market-based society, the real way to complain about something being too expensive is to not buy it. But the passive-aggressive whining about it lets you have your cake and complain about it, too.

I don’t think anyone’s buying decision for a thousand-dollar smartphone is predicated on whether a $25 cable is in the box. But Murphy’s complaint is not invalidated because of that; there are reasonable arguments to be made for the cable’s inclusion on the grounds of value and the unboxing experience. Maybe the 61-watt charging brick is a step too far — it’s heavy and probably expensive to build — but what about the 29-watt brick? And maybe it is absurd to include both USB-A and USB-C Lightning cables in every iPhone’s box, like Apple used to do when they shipped iPods with USB and FireWire cables, but they could include a USB-C to Lightning cable with every MacBook Pro or offer the opportunity for customers to make a trade at the point of purchase.

Murphy’s article isn’t passive-aggressive — it’s customer feedback. You may disagree with it, as does the Macalope, but “that’s capitalism!” isn’t a valid response on its own.

Robert Graham’s Bad Take on Net Neutrality blog.erratasec.com

Robert Graham of Errata Security reacts to an op-ed by Barbara van Schewick; van Schewick claims that the FCC has “always defended net neutrality”:

This wrong on its face. It imagines decades ago that the FCC inshrined some plaque on the wall stating principles that subsequent FCC commissioners have diligently followed. The opposite is true. FCC commissioners are a chaotic bunch, with different interests, influenced (i.e. “lobbied” or “bribed”) by different telecommunications/Internet companies. Rather than following a principle, their Internet regulatory actions have been ad hoc and arbitrary — for decades.

This is absolutely a fair take by Graham: the FCC has, indeed, failed to uphold net neutrality provisions in the past and is currently doing so, as he points out in a following paragraph:

There are gross violations going on right now that the FCC is allowing. Most egregiously is the “zero-rating” of video traffic on T-Mobile. This is a clear violation of the principles of net neutrality, yet the FCC is allowing it — despite official “net neutrality” rules in place.

Under the previous FCC administration, AT&T and Verizon were warned to cease similar zero-rating practices, and an investigation was being conducted. That is, until Ajit Pai and this FCC administration shut those investigations down and retracted their warnings. So, yeah, the FCC is currently failing to uphold net neutrality regulations, but that’s because it’s run by a cable-chummy chairman.

This is where Graham goes off the rails:

More concretely, from the beginning of the Internet as we know it (the 1990s), CDNs (content delivery networks) have provided a fast-lane for customers willing to pay for it. These CDNs are so important that the Internet wouldn’t work without them.

I just traced the route of my CNN live stream. It comes from a server 5 miles away, instead of CNN’s headquarters 2500 miles away. That server is located inside Comcast’s network, because CNN pays Comcast a lot of money to get a fast-lane to Comcast’s customers.

The reason these egregious net net violations exist is because it’s in the interests of customers. Moving content closer to customers helps. Re-prioritizing (and charging less for) high-bandwidth video over cell networks helps customers.

There’s so much amiss here that it beggars belief, especially coming from someone as technologically-knowledgable as Graham.

CDNs are absolutely a critical piece of the infrastructure of the modern web. They are what allow us to reliably stream video or access media-rich web applications around the world. But they are not inherently tied to ISPs like Comcast, nor are they a paid-for “fast lane” that violates the spirit of net neutrality.

I just launched one of CNN’s streaming videos, and it was being served from a server owned by Akamai. Akamai is a private company that CNN has its own contract with; my ISP, Shaw, provides the dumb pipe between my computer and — through some switching boxes and big fibre optic cables — Akamai’s servers. But Shaw does not have its own special contract with Akamai to serve that video any faster or slower than it would be if it were served from, say, Cloudflare. They can’t: I live in Canada, and such an arrangement is illegal here.

Moreover, the idea that CDNs somehow infringe upon net neutrality provisions is complete nonsense. Net neutrality is a set of rules that requires internet service providers to treat all traffic passing through their network identically, without prioritizing some data or blocking others. CDNs are a way for website owners to host their media in multiple places around the world. They’re completely different fields.

And, to his last point in that quote, Graham is right that being able to serve video over mobile networks more reliably and for less money is good for consumers. That’s why ISPs — fixed or mobile — should be competing on reliability, speed, and price, not gimmicks or special offers. That’s what happened after T-Mobile introduced their ostensibly unlimited plan last year.

You might say it’s okay that the FCC bends net neutrality rules when it benefits consumers, but that’s garbage. Net neutrality claims these principles are sacred and should never be violated. Obviously, that’s not true — they should be violated when it benefits consumers.

As explained above, this argument is nonsense. Net neutrality rules do not get in the way of consumer benefits. They simply make it so that ISPs are treated as the dumb pipes that they are, and require them to compete on tangible consumer benefits like pricing and speed.

This means what net neutrality is really saying is that ISPs can’t be trusted to allows act to benefit consumers, and therefore need government oversight. Well, if that’s your principle, then what you are really saying is that you are a left-winger, not that you believe in net neutrality.

This, too, is utter garbage. Plenty of conservative-leaning people and politicians favour differing amounts of government oversight across a wide variety of industries. 73% of self-identified Republicans in a poll by Mozilla say they strongly or somewhat strongly support net neutrality rules. I don’t know — maybe 73% of the Republicans surveyed by Mozilla are actually secret “left-wingers” who may also support crazy liberal ideas like a representative democracy or freedom of speech. Or, perhaps, this isn’t a partisan issue: the internet has become a utility, and many people from across the political spectrum think it ought to be treated as such.

CCamera ccamera.org

The premise of this app by Marco Land was enough for me to buy it immediately:

With 657 billion digital images per year being captured and pushed to the web, it is likely that at some point in your life you’ve taken a photo that already exists. And you will continue to do so with the help of this app.

CCamera is the first camera app that takes images that have already been uploaded to the internet. It brings your photos to the next level — because they’re not yours.

It costs a dollar and will probably give you more satisfaction than a Snickers bar. Totally worth it.

Google Has Been Collecting Android Users’ Locations Even When Location Services Are Disabled qz.com

Keith Collins, Quartz:

Since the beginning of 2017, Android phones have been collecting the addresses of nearby cellular towers—even when location services are disabled—and sending that data back to Google. The result is that Google, the unit of Alphabet behind Android, has access to data about individuals’ locations and their movements that go far beyond a reasonable consumer expectation of privacy.

Quartz observed the data collection occur and contacted Google, which confirmed the practice.

The cell tower addresses have been included in information sent to the system Google uses to manage push notifications and messages on Android phones for the past 11 months, according to a Google spokesperson. They were never used or stored, the spokesperson said, and the company is now taking steps to end the practice after being contacted by Quartz. By the end of November, the company said, Android phones will no longer send cell-tower location data to Google, at least as part of this particular service, which consumers cannot disable.

As Michael Rockwell pointed out, Google only stopped when contacted by Quartz; how long would this practice have continued if Quartz had not discovered this? And why were they doing this in the first place if they weren’t storing or using the location information? And why will it take until the end of the month to stop collecting this information?

The FCC Ignored Virtually All Public Feedback on Their Proposed Net Neutrality Rollback theverge.com

Jacob Kastrenakes, the Verge:

The FCC received a record-breaking 22 million comments chiming in on the net neutrality debate, but from the sound of it, it’s ignoring the vast majority of them. In a call with reporters yesterday discussing its plan to end net neutrality, a senior FCC official said that 7.5 million of those comments were the exact same letter, which was submitted using 45,000 fake email addresses.

But even ignoring the potential spam, the commission said it didn’t really care about the public’s opinion on net neutrality unless it was phrased in unique legal terms. The vast majority of the 22 million comments were form letters, the official said, and unless those letters introduced new facts into the record or made serious legal arguments, they didn’t have much bearing on the decision. The commission didn’t care about comments that were only stating opinion.

There is strong public support for the net neutrality rules in place today that prevent ISPs from prioritizing some kinds of traffic over others, yet the FCC didn’t care. Perhaps public commentary shouldn’t outweigh expert opinion — which, by the way, tends to side with Title II proponents — but perhaps it should also be considered by the FCC as an indication that what they’re proposing is disagreeable to Americans. They can correct course. Remember when previous FCC Chairman Tom Wheeler released his first draft of a proposal to allow “fast lanes”? That was met with public outcry; so, the commission listened and changed course. Pai could do that, but he won’t.

By the way, the FCC isn’t cooperating with the New York Attorney General’s investigation into those spam comments, many of which involved the theft or imitation of Americans’ identities.

MailChimp Switches to Single Opt-In By Default mjtsai.com

Graham Cluley:

The only saving grace is that the better-managed newsletters ask you to confirm that you really really want to receive emails from them. They do this by sending a single email – normally with a clickable confirmation link – to the email address entered on their subscription form.

If you don’t respond to the confirmation email, you don’t get any follow-up emails. That’s how things are supposed to work. And it’s called double opt-in.

MailChimp:

Rather, as the majority of companies have moved to single opt-in, recipients have become re-educated on how email marketing confirmation works. Today, most people don’t expect or look for a double opt-in confirmation message when they subscribe to a newsletter.

Indeed, we’ve seen double-opt in rates within MailChimp slip to 39%. This means 61% of people start but do not finish the double opt-in process.

Maybe that’s because some people are given the opportunity to not be spammed, either when they perhaps didn’t intend to subscribe to a company’s emails, or perhaps they had the chance to second-guess their subscription after seeing their already-full inbox. That’s a good thing.

Via Michael Tsai, who writes:

For what it’s worth, nearly all the newsletters I subscribe to still use double opt-in.

Two things have saved my inbox from becoming a complete disaster over the past couple of years: double opt-in, and iOS’ prompt to unsubscribe from newsletter emails.

This announcement from MailChimp coincides with Julia Angwin’s report for ProPublica explaining how easily thousands of malicious subscriptions overwhelmed her email inbox and prevented her from doing her job.

The FCC Gets the History of ISP Regulation Wrong washingtonpost.com

Earlier today, I picked apart Ajit Pai’s comments made introducing his proposed repeal of net neutrality rules, but there was one thing I missed. There’s this trope that Pai has repeatedly invoked since taking office:

For almost twenty years, the Internet thrived under the light-touch regulatory approach established by President Clinton and a Republican Congress. This bipartisan framework led the private sector to invest $1.5 trillion building communications networks throughout the United States. And it gave us an Internet economy that became the envy of the world.

It’s a nonsense argument, as Rob Pegoraro pointed out in May in the Washington Post:

But Pai’s history is wrong. The government regulated Internet access under Clinton, just as it did in the last two years of Barack Obama’s term, and it did so into George W. Bush’s first term, too. The phone lines and the connections served over them — without which phone subscribers had no Internet connection — did not operate in the supposedly deregulated paradise Pai mourns.

Without government oversight, phone companies could have prevented dial-up Internet service providers from even connecting to customers. In the 1990s, in fact, FCC regulations more intrusive than the Obama administration’s net neutrality rules led to far more competition among early broadband providers than we have today. But Pai’s nostalgia for the ’90s doesn’t extend to reviving rules that mandated competition — instead, he’s moving to scrap regulations the FCC put in place to protect customers from the telecom conglomerates that now dominate the market.

The landscape of ISPs and the role they play in our lives has dramatically shifted since the mid-’90s. They are more like utilities than ever before, and ought to be regulated as such.

If you’re anything like me, when you’re shopping for broadband, you probably compare four things amongst your different options: speed, monthly allotment, availability, and price. That’s it. Internet service providers are dumb pipe provisioners. An electrical company can’t mandate which appliances you use or what you keep in your fridge; an ISP shouldn’t be allowed to limit your access to certain web services or promote others.

FCC Will Also Order States to Scrap Plans for Their Own Net Neutrality Laws arstechnica.com

Jon Brodkin, Ars Technica:

In addition to ditching its own net neutrality rules, the Federal Communications Commission also plans to tell state and local governments that they cannot impose local laws regulating broadband service.

[…]

It isn’t clear yet exactly how extensive the preemption will be. Preemption would clearly prevent states from imposing net neutrality laws similar to the ones being repealed by the FCC, but it could also prevent state laws related to the privacy of Internet users or other consumer protections. Pai’s staff said that states and other localities do not have jurisdiction over broadband because it is an interstate service and that it would subvert federal policy for states and localities to impose their own rules.

It’s not just an interstate service; the internet is an international service. Recent proposals from the FCC sharply contrast with net neutrality and online privacy legislation passed by the European Union and in Canada.

After the FCC canned internet privacy rules shortly before they were set to go into effect, several states and Seattle proposed legislation to protect the privacy of consumers living in their regions. If it isn’t the FCC’s job to police infringement upon Americans’ privacy by ISPs — as they seem to believe — why would they also think they have the power to usurp that right from states as well? And, aside from the global nature of the web, why would Pai’s FCC be so keen to preempt states from proposing local net neutrality rules?

Ajit Pai’s Giant Middle Finger

Cecilia Kang, New York Times:

The Federal Communications Commission announced on Tuesday that it planned to dismantle landmark regulations that ensure equal access to the internet, clearing the way for companies to charge more and block access to some websites.

The proposal, put forward by the F.C.C. chairman, Ajit Pai, is a sweeping repeal of rules put in place by the Obama administration. The rules prohibited high-speed internet service providers from blocking or slowing down the delivery of websites, or charging extra fees for the best quality of streaming and other internet services for their subscribers. Those limits are central to the concept called net neutrality.

Aside from media and internet conglomerates, who wants this? If you aren’t a shareholder or executive of one of those gigantic companies, why would you find anything at all to like about this proposal? It’s an anti-consumer, anti-competitive, and anti-American proposal that benefits very few at the expense of many.

Ajit Pai published a statement (PDF) on the FCC website, and it’s offensively misleading:

For almost twenty years, the Internet thrived under the light-touch regulatory approach established by President Clinton and a Republican Congress. This bipartisan framework led the private sector to invest $1.5 trillion building communications networks throughout the United States. And it gave us an Internet economy that became the envy of the world.

But in 2015, the prior FCC bowed to pressure from President Obama. On a party-line vote, it imposed heavy-handed, utility-style regulations upon the Internet. That decision was a mistake. It’s depressed investment in building and expanding broadband networks and deterred innovation.

Pai conflates the regulation of the internet with regulation of internet service providers. If he’s doing this unintentionally, he’s too stupid to run the FCC. But that clearly isn’t the case: he isn’t stupid, and I fully believe he’s conflating the two intentionally. Regulating the internet really does sound like a bad thing, but regulating Verizon and Comcast probably sounds pretty reasonable to most people — most people hate the way their internet service provider treats them. His claim that the internet is being “micromanaged” is an outright lie.

Moreover, his complaint that net neutrality regulations were passed under partisan terms is utterly ridiculous given that his proposal is also expected to pass along partisan lines — only this time, in a way that’s favourable to him.

Finally, his claim that Title II regulations have reduced broadband investment by ISPs is also a lie.

The Wall Street Journal also published an op-ed today from Pai in which he more publicly makes his case:

This is why I’m proposing today that my colleagues at the Federal Communications Commission repeal President Obama’s heavy-handed internet regulations. Instead the FCC simply would require internet service providers to be transparent so that consumers can buy the plan that’s best for them. And entrepreneurs and other small businesses would have the technical information they need to innovate. The Federal Trade Commission would police ISPs, protect consumers and promote competition, just as it did before 2015. Instead of being flyspecked by lawyers and bureaucrats, the internet would once again thrive under engineers and entrepreneurs.

The internet is thriving under engineers and entrepreneurs; retaining Title II classification would allow small and independent creators to compete against established players. Repealing that classification, as Pai is proposing, would allow internet service providers create their own marketplaces with better service going to the richest and best-connected websites.

FTC Commissioner Terrell McSweeny took to Twitter to dispute the notion that the FTC could be able to adequately protect consumers:

So many things wrong here, like even if @FCC does this @FTC still won’t have jurisdiction. But even if we did, most discriminatory conduct by ISPs will be perfectly legal.

This news is dropping today and the text of the proposal will be released tomorrow because it’s the start of the Thanksgiving long weekend in the United States. Pai is counting on your outrage being buried under enough turkey and booze by Monday that you’ll forget about it. You can’t.

I’m Canadian, so it sounds like I shouldn’t care about this, but I do. I have to. The internet economy that is “the envy of the world”, in Pai’s words, is mostly an American one, so regulations that affect those companies affect the world, especially considering how weak American anti-trust regulations tend to be.

Consider that Comcast is working on a Netflix competitor, and that they also own NBCUniversal. It’s not hard to imagine an environment in which Comcast charges Netflix an extremely high rate to carry NBCUniversal TV shows and movies while also requiring Netflix to pay to be in their “fast lane” of internet service.

Comcast could also conceivably offer their streaming service at a reduced rate, or not count it against monthly bandwidth caps. In 2014, Kate Cox of the Consumerist reported that there were plenty of well-populated regions in the United States where Comcast had no broadband competition. As of last year, around 78% of Americans had a choice of zero or one provider for broadband of 25 Mbps or higher. In regions where Comcast is the only option, they could choose to offer NBC and MSNBC at a reduced rate on the web, but charge higher prices to view CNN or Fox News. If you didn’t like this, you could lodge an FTC complaint; but, as long as your ISP were being transparent about these practices, it wouldn’t be deceptive and may not even necessarily be predatory.

As cable companies increasingly become providers of television, home and business internet, home phone, cellular, and streaming services as well as making and distributing movies, music, and TV shows — including the news — this proposal becomes increasingly toxic. Combine this proposal with other moves Pai’s FCC has made and it’s a recipe for preserving the interests of the biggest businesses and media entities, and reducing competition from upstart and lesser-funded businesses.

You can — and should — hammer the FCC with your complaints, calls, and feedback on this. But be prepared for the long haul on this, because no matter which way Pai’s proposal goes, there’s a bigger story here. Karl Bode, Techdirt:

Supporters of net neutrality also need to understand that the broadband industry’s assault on net neutrality is a two-phase plan. Phase one is having an unelected bureaucrat like Ajit Pai play bad cop with his vote to dismantle the rules. Phase two will be to gather support for a net neutrality law that professes to be a “long-standing solution to this tiresome debate.” In reality, this law will be written by ISP lobbyists themselves as an attempt to codify federal apathy on this subject into law. These weaker protections will be designed to be so loophole-filled as to effectively be useless, preventing the FCC from revisiting the subject down the road. A solution that isn’t — for a problem they themselves created.

It’s understandable that the public and press is tired of this debate after fifteen years. But instead of hand wringing and apathy, we should be placing the blame for this endless hamster wheel at the feet of those responsible for it: Comcast, AT&T, Verizon and Charter, and the army of lawmakers, economists, fauxcademics, and other hired policy tendrils willing to sell out the health of the internet — and genuinely competitive markets — for a little extra holiday cash. Folks that honestly believe they can lie repeatedly with zero repercussion, and hide a giant middle finger behind the gluten-free stuffing and Aunt Martha’s cardboard-esque pumpkin pie.

Pai is carrying water for ISPs and their paid interests in that damn mug of his which, incidentally, is also big enough to hide the middle finger he’s giving Americans. If you live in the United States, it’s up to you to tell him to put his mug down and start working for your interests, instead of for ISPs and against you. You deserve better.

I’m encouraged to see that “net neutrality” is a trending topic on Twitter, too. It’s something that everyone should be concerned about, regardless of age, political affiliation, or interest in technology. It’s important to spread the word on this to everyone you know: explain what net neutrality is, why it’s so important to preserve Title II rules, and talk about what normal people can do about it. Everyone deserves better than what Pai’s has proposed.

Making the Worst of a Bad Thing zdnet.com

Apple announced on Friday that the HomePod’s release would be delayed until next year and, of course, that made some people fear the worst. Like ZDNet’s Adrian Kingsley-Hughes, who claims that this delay means that Apple has “[slipped] closer to becoming ‘just another tech company’”:

Apple didn’t go into any details as to why it had to delay the release beyond a very vague “we need a little more time before it’s ready for our customers.” For a product that was demoed on stage back in June at WWDC isn’t ready almost five months later, and won’t be until some “early 2018.”

Incidentally, the HomePod was not demoed on stage at WWDC. It was announced on stage and a few press outlets were given private demos, but those publications were allowed limited access and — something I believe is critical — they weren’t allowed to test Siri.

Apple was in in similar situation last year with the AirPods, although the company did manage to get them out of the door just before Christmas.

Delaying products that would be pretty great gifts is regrettable, but I don’t know that having limited quantities of AirPods available last year registers on the same scale as having the HomePod being entirely unavailable until next year.

Here’s a counterargument to Kingsley-Hughes’ narrative: the iPhone X was released in larger quantities than rumours suggested, and Apple has been bumping up shipping estimates across the board. If you tried ordering one just a week or two ago, you would have seen shipping estimates of 5–6 weeks; now, shipping times are at 2–3 weeks, and I’ve always found that Apple beats those estimates in practice.

As much as I don’t want to bring up the tired old “Apple wouldn’t have done this under Steve Jobs’ watch” trope, a lot of what’s happening at Apple lately is different from what the came to expect under Jobs. Not to say that things didn’t go wrong under his watch, but product announcements and launches felt a lot tighter for sure, as did the overall quality of what Apple was releasing.

Remember the white iPhone 4 debacle? That happened under Jobs’ watch, as did MobileMe and buggy x.0 releases of iOS. They were embarrassing for the company, and I’m sure Apple works hard to not repeat the same mistakes.

I’ll let you in on a little secret: I’ve had an article in draft for a while in which I complain about a lot of bugs in iOS 11. I’ve hesitated to publish it because it just sounded whiny, and it wouldn’t age well. And, it turns out, there was an advantage to my delinquency: in the two months since its release, Apple has issued several small patches to iOS 11 which have dramatically improved its stability and fixed lots of the issues I wrote about.

For what it’s worth, I think iOS 11 was released too soon. I think the artificial September deadline bit Apple in the ass as they tried to wrap up overhauls of major system components — especially Springboard. It’s not just the fault of the iPhone X, either; many of the improvements to iPad multitasking this year required big updates to systemwide processes. But I also think that there’s a welcome commitment to releasing smaller updates more frequently. Of course we all want the x.0 release to be as stable and bug-free as possible, but I’m glad Apple has reduced their tendency to leave bugs — at least on iOS — hanging for months until they popped out an x.1 update.

Don’t mistake my attempt at combatting the Jobs trope for complacency in bugs and hardware release dates. The delay of the HomePod is unfortunate and would have been easily prevented by not announcing it months in advance, even if they thought a December ship date was likely. I hope the iMac Pro isn’t similarly delayed. I’d love to see a bit more of that old Apple magic again where desirable products are available to buy or preorder the same day they’re announced. Yet, I simply don’t think this is cause for the kind of concern that Kingsley-Hughes is raising.

Comcast Said to Be in Talks to Buy 21st Century Fox Assets mobile.nytimes.com

Brooks Barnes and Michael J. de la Merced, New York Times:

Comcast, the cable giant and owner of NBCUniversal, is in preliminary talks to buy entertainment assets owned by 21st Century Fox, including a vast overseas television distribution business, the Fox movie studio, the FX cable network and a group of regional sports channels.

Under the deal being discussed, the Murdoch family, which controls 21st Century Fox, would retain the Fox News cable network, certain sports holdings, a chain of local television stations and the Fox broadcast network.

Disney is also rumoured to be interested in these Fox assets, as is Sony. All of these companies are gigantic media conglomerates, Comcast being the largest in the United States, Disney being the second largest, and 21st Century Fox third.

One thing that’s absolutely critical to understand when considering questions about media ownership and net neutrality is that there are few major media companies that are in single lines of business. Increasingly, these conglomerates are becoming vertically integrated with unprecedented reach: they finance movies and television, distribute and market their programming, some provide the cable and internet services that transmit video to viewers’ computers and televisions, and many own or have major stakes in streaming platforms as well. So as the FCC contemplates dismantling net neutrality regulations, they are helping create a situation in which Comcast could conceivably own and prioritize their media assets from their production to your couch, while restricting competition. Imagine if heyday-era General Motors owned everything from steel mills to parts of the Interstate system, but instead of transportation, it’s information and entertainment.

I maintain that Comcast should never have been allowed to buy NBCUniversal. That kind of cross-market dominance is toxic for competition. A similar mistake should be avoided by blocking their purchase of 21st Century Fox’s entertainment businesses as well.

Gizmodo’s Review of the Google Pixel Buds gizmodo.com

Adam Clark Estes of Gizmodo does not like Google’s Pixel Buds very much. Even a feature I was very excited about — real-time in-ear translation — sounds like a broken experience in practice:

I did get the translation feature to work, by the way, and it’s just as confusing as everything else about the Pixel Buds. You’d think that you could just tap the right earbud and ask Google to translate what you’re hearing, but it’s more complicated than that. You do have to tap the earbud and ask Google to translate, but then you have to open up the Google Translate app and hold your phone in front of your foreign language-speaking friend. And, of course, your phone must be a Google Pixel or Pixel 2.

The dream is to be able to have a relatively normal conversation with someone whose language you don’t speak, right? That’s clearly not what you get here. That’s a shame, because it’s something Google ought to be able to do very well — or, at least, that’s the promise of a company that mines the world’s data, isn’t it?